9.4. Task 9.4: Capturing Packets with the Packet Analyzer: Wireshark

Wireshark is a free, commonly used packet analyzer. Packet analyzers—also called network analyzers, protocol analyzers, or sniffers—monitor the network and record the packets (frames, actually) on the network that it sees. Packet analyzers are useful for analyzing traffic patterns, identifying rogue protocols and nodes on the network, and troubleshooting many types of network- or protocol-related problems.


A rogue protocol is a protocol that should not be present on your network. If your network only uses TCP/IP for a transport protocol, there should be no TP4 or IPX/SPX frames on the network. We are using the word node to represent a system or device that communicates ...

Get Security Administrator Street Smarts: A Real World Guide to CompTIA Security+™ Skills, Second Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.